General
Target: aejmelvv.dll
Size: 520KB
Sample: 201116-4f24jker9j
MD5: a19e9a48a5adb409f2eed82694231a7a
SHA1: ff50e4396399178914c64653f33617a7c4f6df61
SHA256: fd6f6c377f403f5faccf5c4bb03a0d5af94f7f57ac13572a42b187cdbda027cc
SHA512: 763bb2799be8a6698362ccf928f552d4faaaf086550e640aeebd7522b304c58f7dc9d68898fe53a8a1bd4db3cfac310019d9bcc2794d0f0c1fadd0abea90841f
Static task: static1
Behavioral task: behavioral1
Sample: aejmelvv.dll
Resource: win7v20201028
Malware Config
Extracted
dridex
10444
77.220.64.53:443
172.96.190.154:4664
209.126.111.137:33443
167.99.158.82:33443
Targets
Target: aejmelvv.dll
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-